By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

backup solution is an appealing one. But if you’re going to do it with your enterprise,
there are a variety of issues you’ll need to consider.

Cloud considerations

Because security is the chief obstacle to more companies utilizing cloud backups, cloud
data storage products have to comply with a series of best practices. It must encrypt data in
transit, usually through a secure
socket layer connection if you are using the Internet to transport the data. It must store data
as encrypted in the cloud via a state-of-the-art encryption protocol along the lines of a 256-bit
AES encryption. And, finally, the cloud data storage provider needs to support strong, enforceable
authentication with features like password expiration and complexity.

Cloud data backup also carries with it compliance issues. Public companies, or anyone working
in industries subject to enhanced regulatory requirements, should look at cloud data storage
providers that adhere to SSAE 16/SOC 1. It’s critical that the service provider performs the more
stringent Type II audit as it’s the only one that allows the auditor to share his opinion on
whether the controls tested work well enough to provide some guarantee that the control objectives
were achieved during the testing period.

While security and compliance would rank at the forefront of any list of features and
considerations you must evaluate when trying to find the right cloud data storage product for your
organization, they are not alone. Here’s a look at some other factors to consider:

Hybrid vs. pure cloud backups. In a pure cloud backup scenario, agents on protected
servers and desktops perform backups directly to the cloud. Quick setup and minimal maintenance are
benefits of this service. A pure cloud data storage product is best-suited for personal backups and
backups for smaller firms with limited amounts of data to protect (typically a few terabytes). The
drawbacks of backing up directly into the cloud are performance and bandwidth challenges because of
latency and bandwidth limits of
available Internet connections; these shortcomings are most important when restoring data.

Latency and limited bandwidth are mitigated by hybrid
cloud backup products that use an on-premises disk or gateway as the initial backup target from
which the data is replicated to the cloud. The on-premises intermediary usually caches the most
recent backups for on-premises restores, minimizing tedious recoveries from the cloud; it also
moves data into the cloud asynchronously. For a pure cloud backup solution without the on-premises
intermediary for quick restores, it’s essential to understand all restore options, including the
ability to have backups shipped to you on a disk or NAS device; restore options become more
relevant as the amount of data stored in the cloud grows. Similarly, some MSPs accept the initial
full backup on an external storage device (known as “seeding”) to avoid a
time-consuming first backup over the Internet.

Efficiency. Backup processes that are OK for on-premises backups may be unacceptable for
cloud backups. For instance, the ability to perform sub-file backups of changes to files is an
indispensable feature in a cloud backup product. With email personal folder files (.PST files) that
can grow beyond gigabytes, and large Excel spreadsheets and PowerPoint presentations spanning tens
of megabytes, being able to only back up file changes to the cloud rather than complete files is a
non-negotiable feature for a cloud backup product. Similarly, the ability to perform continuous
incremental backups minimizes the amount of traffic for each backup. The traditional weekly full
and daily incremental backup discipline frequently used for on-premises backups doesn’t work for
backing up data into the cloud. Limited network bandwidth makes efficiency one of the primary
virtues in a cloud backup product. So anything that can help reduce the amount of data to be moved
into the cloud is critical.

Compression and source-side deduplication are two technologies that help minimize the amount of
traffic sent into the cloud. Data deduplication reduces bandwidth usage and also helps cut the cost
of backing up to the cloud. Because cloud storage pricing is usually based on gigabytes stored,
compression and dedupe are instrumental in lowering monthly fees. To maximize data reduction, some
MSPs deduplicate on the source side and one more time in the cloud. While the scope of source-side
dedupe may be limited to a single or few hosts, dedupe in the cloud can be performed against all
data, resulting in significant additional data reduction.

“We deduplicate and compress before we send data across, and we deduplicate one more time once
data is in the cloud,” said Karen Jaworski, senior director of product marketing at i365, a Seagate
company and backup MSP.

Transport. Besides source-side dedupe, cloud backup products differ in the way they
manage available bandwidth. The ability to limit and throttle bandwidth while backups are in
progress helps minimize the impact on users and other apps sharing the Internet connection.
Moreover, being able to configure multiple bandwidth limits for different times of the day helps
optimize the balance between backup performance and the impact on other users. Some cloud service
providers, such as AT&T, give customers the option to use a multiprotocol label switching
(MPLS) circuit instead of the Internet; this option is relatively cost-effective for customers who
already use MPLS. The quality of service (QoS) feature of MPLS lets users label backup data as
low-priority traffic, eliminating the impact on other users and applications altogether. This is
especially attractive for midsized and large companies with many users and a lot of protected
data.

Backup managed service providers

Handing off backups to a managed service provider is the quickest way of getting backups into
the cloud and the method with the fewest internal IT requirements. MSP offerings are available as
pure cloud backup products where the user installs agents on desktops and servers that directly
back up data into the cloud; they’re also available as hybrid cloud backup products where the cloud
service vendor provides a managed on-premises gateway to store backup data locally before
replication into the cloud.

MSP offerings range from consumer, small office/home office (SOHO) and small- and medium-sized
business (SMB) products to cloud backup services targeted at the enterprise. “While the sweet spot
for cloud-based backup is still the small to midsized company, larger enterprises have started
leveraging the cloud to supplement internal backups, especially for DR [disaster recovery], remote
office and end-user data protection,” said David Chapa, senior analyst at Milford, Mass.-based
Enterprise Strategy Group (ESG).

Consumer backup services were popularized by Mozy (now part of EMC Corp.) and Carbonite. They’re
pure cloud backup products, licensed to protect a single desktop or laptop, and may not have all
the features expected in a business backup product. For instance, the Carbonite service doesn’t
offer deduplication. “Deduplication is less required in our target market where the average amount
of protected data is less than 50 GB,” said Pete Lamson, general manager of Carbonite’s Small
Business Group. Both Carbonite (with Carbonite Business) and Mozy (with MozyPro) have expanded their offerings into businesses. While
Carbonite targets small businesses with a simple and highly affordable backup service, MozyPro is
aimed at small and large businesses alike.

Joining Carbonite with a focus on small companies with up to 50 users is Symantec Corp. with Backup Exec.cloud. “Backup Exec.cloud has
centralized management and provides global visibility to protected hosts, and we try to make backup
as simple as possible,” said David Mitchell, product manager for Symantec’s hosted endpoint
protection.

For enterprises, IBM has rebranded and renamed its managed backup service offerings with a focus
on resilience: SmartCloud
Resilience. The IBM product spans the data protection spectrum from backup and recovery to
archival and DR.

Hewlett-Packard (HP) Co.’s enterprise Electronic
Vaulting Service is a managed server backup product powered by Asigra Software; HP’s Mobile
Information Protection uses Autonomy Connected Backup, which HP has just made available as PC
Backup Services for the SOHO and SMB markets, and is available through channel partners.

EVault has been offering managed backups since 1997, and the company has one of the most
complete and feature-rich cloud backup offerings addressing the needs of small and large companies.
Available as pure service, software, and physical and virtual appliances, it can be deployed
on-premises, in a hybrid arrangement or as a pure cloud backup product.

Iron Mountain Inc., has one of the strongest brands in the backup world but its cloud message
changed with the sale of its Connected Backup and LiveVault backup software to Autonomy. Iron
Mountain is currently focusing on backup services rather than software development.

“We continue to offer cloud backup services for businesses,” said Ken Rubin, senior vice
president and general manager of the Iron Mountain healthcare service. “For the healthcare and
financial services sectors, we provide advanced solutions; for instance, for hospitals we offer a
managed backup product with tight integration with all major PACS [picture and archival
communication system] systems.”

Cloud-enabled backup apps and gateways

While small companies are more likely to opt for the MSP approach, larger companies are more apt
to extend their existing backup infrastructure into the cloud using either their existing backup
software or a cloud gateway. The incentives to expand the backup infrastructure into the cloud
range from replacing off-site tapes with backups in the cloud to leveraging the cloud for backup
jobs that can be performed more cost-effectively.

Cloud support in commercial backup applications varies considerably. CommVault Systems Inc. has
added extensive cloud support and supports a wide range of cloud service providers (AT&T,
Amazon, Microsoft, Nirvanix and Rackspace). Supported cloud providers appear as additional backup
media and all backup features, such as deduplication, are available when backing up to the cloud.
Archival into the cloud with stub support for on-demand retrieval of archived data and block-based
replication of changes into the cloud for recovery into a compute cloud service such as Amazon Elastic Compute Cloud (EC2) are just a couple of
features that distinguish CommVault
Simpana. Similar to CommVault, both Symantec Backup Exec and NetBackup support backing up into
the cloud, but they currently only support Nirvanix. Arkeia Network Backup supports replication of
backup sets into Amazon and Nirvanix.

EMC Avamar and NetWorker currently don’t
have out-of-the-box integration with cloud service providers. Instead, EMC is selling Avamar to
MSPs. “We decided on Avamar to power our enterprise backup service because of its efficient
source-side deduplication and scalable Avamar Data Store grid,” said Dick Mulvihill, co-founder and
managing partner at Hexistor Data Protection Service LLC, a Chicago-based backup MSP.

IBM Tivoli Storage Manager
(TSM) doesn’t currently support direct backups into the cloud. “We’re working with cloud
gateway manufacturers such as Riverbed for cloud backup support; cloud backup gateways are simple
and quick to set up and have the advantage of locally cached backups for quick restores,” said
Steve Wojtowecz, vice president of storage software development at Tivoli.

Cloud gateways that move data into cloud storage are available from Nasuni Corp., Panzura Inc.,
Riverbed Technology Inc., StorSimple Inc., TwinStrata Inc., and others. While some gateways are
touted as hybrid cloud storage products to extend on-premises storage into the cloud, Riverbed
Whitewater’s focus is exclusively on cloud backup. Available in different configurations for small
businesses to large enterprises, traditional backup applications back up to the Whitewater gateway
appliance, which then deduplicates, compresses, encrypts and asynchronously moves data into
supported cloud providers (which currently include AT&T, Amazon and Nirvanix). The StorSimple
gateway stands out because of its extensive support of Microsoft SharePoint.

Cloud backup goes mainstream

Backup to the cloud is moving from a niche application into the mainstream, especially in the
SOHO and SMB sectors, and it’s being used increasingly by larger companies to supplement their
existing backup infrastructure. The increased adoption of cloud services by public companies and
even government agencies suggests that security concerns with cloud services are slowly abating.
However, proper due diligence must be taken when evaluating cloud backup, such as implementing
solid backup processes and strong controls, to avoid unpleasant surprises.

Jacob Gsoedl is a freelance writer and a corporate director for business systems. He can be
reached at jgsoedl@yahoo.com.

Disclaimer:
Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.